Big Botnet Cast Wide Net in UK

An unusually large botnet swamped the UK this week with over 8 million phishing emails

Call it a mega-botnet: 20,000 IP addresses and 8.1 million emails -- and that's just in the U.K.

BlackSpider Technologies first discovered the phishing email over the weekend while monitoring email for its security service customers, according to John Fleming, vice president of marketing for BlackSpider. "We see a lot of phishing attacks. But the fact that this was so large and from one source was unique," he says. "Normally, you get them from a number of different sources."

The new exploit follows the pattern of many such attacks, posing as a bank and trying to the lure the victim to a link that's purportedly the bank's Website, where he or she would fill out personal information. The subject line of the emails was NatWest or Bank of Scotland, and the messages contain an image that, if clicked, redirects the recipient to a malicious Website that asks for their personal data. If a victim falls for it, the attacker can access the user's bank account.

Fleming says the phish was short-lived and BlackSpider, which was recently acquired by SurfControl plc , hasn't seen any further signs of the exploit. The company trapped the phish for its security customers but couldn't tell how many U.K. users had fallen for it.

Security experts say that despite the botnet's size, in the end, it's same old, same old. "I don't think this particular spam botnet is much different than others that have surfaced in the past," says Sean Kelly, business technology consultant for Consilium1. Kelly says a spam filter goes a long way for these types of exploits, and it'll cost you more in the end if you don't filter spam.

"The cost of not doing it is too great, from the risk of malicious code getting into your network; the risk of DOS to your mail server and other perimeter devices; and sheer wasted time and offensive content issue with employees having to view and manage the spam emails they receive," Kelly says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights